Tirify shared design system
UI Kit
Tirify shared design system — tokens, UI primitives, rules. Consumed by tirify-admin (Next 16) and tirify-frontend-common-panel (Vite).
Version 0.1.3
Version 0.1.1
Generated 2026-07-12T12:40:08.021Z
tirify-ui-kit
Shared design system for the Tirify frontends. npm-workspaces monorepo,
published to the GitLab Package Registry under the `@tirify` scope.
Consumers:
- **tirify-admin** — Next.js 16, Tailwind v4 (canonical origin of the tokens)
- **tirify-frontend-common-panel** — Vite, Tailwind v4
Packages
Commands
npm install # link workspaces
npm run build # build all packages
npm run check # verify generated output is not stale (CI gate)
Docs
- **[AGENTS.md](AGENTS.md)** — rules & conventions for changing this repo (read first).
Per-package: [design-tokens](packages/design-tokens/AGENTS.md), [ui-kit](packages/ui-kit/AGENTS.md).
- **[DESIGN.md](DESIGN.md)** — the visual design language (colours, type, motion, component vocabulary).
- [docs/PLAN.md](docs/PLAN.md) — approved design + phased rollout + migration notes
- [docs/GITLAB_REGISTRY.md](docs/GITLAB_REGISTRY.md) — how to publish/consume via GitLab
CI/CD и ArgoCD деплой
Текущий production-like технический деплой UI kit — это статический snapshot документации и build-артефактов пакетов, обслуживаемый nginx в k3s.
URL
- `https://tirify-ui-kit-prod-apps-k3s.tirify.com`
- Healthcheck: `https://tirify-ui-kit-prod-apps-k3s.tirify.com/healthz`
Pipeline
GitLab CI запускается на `main` и выполняет:
1. `validate`:
- `npm ci --no-audit --no-fund`
- `npm run build`
- `npm run check`
- `npm run typecheck`
- `npm run build:static`
2. `build_image`:
- собирает Docker image через Kaniko;
- пушит в Harbor:
- `harbor-ecosys.tirify.com/tirify-frontend/tirify-ui-kit:<branch>-latest`
- `harbor-ecosys.tirify.com/tirify-frontend/tirify-ui-kit:<branch>-<sha>`
3. `deploy_gitops`:
- обновляет image tag в `tirify-gitops/deployment`;
- ArgoCD синхронизирует `tirify-ui-kit-prod`.
GitOps
- GitOps repo: `tirify-gitops/deployment`
- ArgoCD app: `tirify-ui-kit-prod`
- Manifests path: `apps/tirify-ui-kit/prod`
- Namespace: `prod`
- Ingress host: `tirify-ui-kit-prod-apps-k3s.tirify.com`
Package Registry
Публикация npm-пакетов выполняется только на git tag job `publish_packages`:
- `@tirify/design-tokens`
- `@tirify/ui-kit`
Обычный push в `main` только валидирует пакеты и деплоит статический snapshot в k3s.
GitLab Package Registry
Publishing & consuming via GitLab Package Registry
How it differs from a plain git repo
A **git repo** stores source code; you `git clone` it and get files. A **package
registry** stores *published, versioned build artifacts* (npm tarballs) addressed by
`name@version`. Consumers never clone `tirify-ui-kit` — they run
`npm install @tirify/design-tokens@^0.1.0` and npm downloads the tarball you published.
So there are two separate things:
- the **git project** `tirify-ui-kit` (source, CI) — lives in GitLab like any repo;
- the **npm registry** attached to that same GitLab project — where `npm publish`
uploads tarballs and where `npm install` resolves the `@tirify` scope.
Each published version is **immutable** — you can't overwrite `0.1.0`; you bump to
`0.1.1`. That's the whole point: consumers pin a version and it never changes under them.
Endpoints
Current Tirify GitLab project:
- GitLab host: `https://git-ecosys.tirify.com`
- Project: `tirify-software/tirify-frontend/tirify-ui-kit`
- Project ID: `242`
- Project npm registry: `https://git-ecosys.tirify.com/api/v4/projects/242/packages/npm/`
Generic GitLab npm endpoints:
**You always publish to a _project_ endpoint.** For this repo, the publish endpoint is already pinned in each package `publishConfig`.
Auth tokens
`.npmrc` auth reads an env var — never commit a real token.
**Cross-project CI gotcha:** when the `tirify-admin` pipeline installs `@tirify/*`
using its own `CI_JOB_TOKEN`, `tirify-ui-kit` must allow it: tirify-ui-kit → Settings →
CI/CD → **Job token permissions** → add the consuming projects to the allowlist.
Simpler alternative for consumers: a **group Deploy Token** with `read_package_registry`.
Publishing (this repo)
1. `publishConfig` is already set in each publishable package to the project registry `https://git-ecosys.tirify.com/api/v4/projects/242/packages/npm/`.
2. CI creates `.npmrc` dynamically and uses `CI_JOB_TOKEN`; local publishing should use `GITLAB_NPM_TOKEN`/deploy token, never a committed token.
3. Bump package versions, build, and publish either by creating a git tag (preferred CI path) or manually:
```bash
npm run build
npm publish -w @tirify/design-tokens
npm publish -w @tirify/ui-kit
```
CI publish job (`.gitlab-ci.yml`)
publish_packages:
stage: publish
image: node:22-alpine
rules:
- if: '$CI_COMMIT_TAG' # publish only on a git tag
script:
- npm ci --no-audit --no-fund
- npm run build
- export NPM_AUTH_TOKEN="${NPM_PUBLISH_TOKEN:-$CI_JOB_TOKEN}"
- |
cat > .npmrc <<EOF
legacy-peer-deps=true
@tirify:registry=${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/npm/
//${CI_SERVER_HOST}/api/v4/projects/${CI_PROJECT_ID}/packages/npm/:_authToken=${NPM_AUTH_TOKEN}
EOF
- npm publish -w @tirify/design-tokens
- npm publish -w @tirify/ui-kit
Consuming (in tirify-admin / common-panel)
Add an `.npmrc` at each consumer repo root:
@tirify:registry=https://git-ecosys.tirify.com/api/v4/projects/242/packages/npm/
//git-ecosys.tirify.com/api/v4/projects/242/packages/npm/:_authToken=${GITLAB_NPM_TOKEN}
Then it's an ordinary dependency:
npm install @tirify/design-tokens
// package.json
"dependencies": { "@tirify/design-tokens": "^0.1.0" }
In CI, replace the auth line's token with `${CI_JOB_TOKEN}` (after allowlisting) or
a group deploy token, generated the same way as in the publish job above.
Local development without publishing
While iterating you don't want to publish on every change. Use `npm link` or a
`file:` dependency to point a consumer at your local checkout:
# from a consumer repo:
npm install file:../tirify-ui-kit/packages/design-tokens
# or: npm link @tirify/design-tokens (after `npm link` inside the package)
Switch back to the `^0.1.0` registry version before committing the consumer.